WeChat small program user information and biological authentication
May 18, 2021
WeChat Mini Program Development Document
Table of contents
Biocertification
The following biocertification methods are available through SOTER.
Currently, only fingerprint identification authentication is currently supported.
Device-supported
biometrics can be queried using wx.checkIsSupportSoterAuthentication
Call the process
Description of the process steps
-
Call wx.startSoterAuthentication to get resultJSON and resultJSONSignature
-
(Optional) signature check. H
ere resultJSONSignature uses SHA256withRSA/PSS as a signature algorithm for verification.
The mathematical definition of this formula is as follows: bool check results s verify (for the original string of the signature, the string of the signature, the public key to verify the signature)
-
WeChat provides a background interface for the trusted key check service, WeChat will guarantee the correctness and reliability of the check results returned by the interface, and in the case of Android root the interface has the above characteristics (will return whether the root situation security is guaranteed).
Interface address:
POST http://api.weixin.qq.com/cgi-bin/soter/verify_signature?access_token=%access_token
Post data content (JSON encoding):
{"openid":"$openid", "json_string" : "$resultJSON", "json_signature" : "$resultJSONSignature" }
Request to return data content (JSON encoding):
{"is_ok":true}
{"is_ok":false}
{"errcode":"xxx,"errmsg":"xxxxx"}